Merge pull request #13690 from github/post-release-prep/codeql-cli-2.14.0

Post-release preparation for codeql-cli-2.14.0
2026-04-24 08:15:14 +02:00 · 2023-07-07 23:39:38 +01:00
parent 4028a50c4c 13cf054a9d
commit 44f23bfa59
139 changed files with 444 additions and 217 deletions
--- a/ruby/ql/lib/CHANGELOG.md
+++ b/ruby/ql/lib/CHANGELOG.md
@@ -1,3 +1,16 @@
+## 0.7.0
+
+### Deprecated APIs
+
+* The `Configuration` taint flow configuration class from `codeql.ruby.security.InsecureDownloadQuery` has been deprecated. Use the `Flow` module instead.
+
+### Minor Analysis Improvements
+
+* More kinds of rack applications are now recognized.
+* Rack::Response instances are now recognized as potential responses from rack applications.
+* HTTP redirect responses from Rack applications are now recognized as a potential sink for open redirect alerts.
+* Additional sinks for `rb/unsafe-deserialization` have been added. This includes various methods from the `yaml` and `plist` gems, which deserialize YAML and Property List data, respectively.
+
 ## 0.6.4

 No user-facing changes.
--- a/ruby/ql/lib/change-notes/2023-05-27-unsafe-deserialization.md
+++ b/ruby/ql/lib/change-notes/2023-05-27-unsafe-deserialization.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Additional sinks for `rb/unsafe-deserialization` have been added. This includes various methods from the `yaml` and `plist` gems, which deserialize YAML and Property List data, respectively.
--- a/ruby/ql/lib/change-notes/2023-06-08-rack-redirect.md
+++ b/ruby/ql/lib/change-notes/2023-06-08-rack-redirect.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* HTTP redirect responses from Rack applications are now recognized as a potential sink for open redirect alerts.
--- a/ruby/ql/lib/change-notes/2023-06-14-insecure-download-config.md
+++ b/ruby/ql/lib/change-notes/2023-06-14-insecure-download-config.md
@@ -1,4 +0,0 @@
---
-category: deprecated
---
-* The `Configuration` taint flow configuration class from `codeql.ruby.security.InsecureDownloadQuery` has been deprecated. Use the `Flow` module instead.
--- a/ruby/ql/lib/change-notes/2023-06-23-rack-response.md
+++ b/ruby/ql/lib/change-notes/2023-06-23-rack-response.md
@@ -1,5 +0,0 @@
---
-category: minorAnalysis
---
-* More kinds of rack applications are now recognized.
-* Rack::Response instances are now recognized as potential responses from rack applications.
--- a/ruby/ql/lib/change-notes/released/0.7.0.md
+++ b/ruby/ql/lib/change-notes/released/0.7.0.md
@@ -0,0 +1,12 @@
+## 0.7.0
+
+### Deprecated APIs
+
+* The `Configuration` taint flow configuration class from `codeql.ruby.security.InsecureDownloadQuery` has been deprecated. Use the `Flow` module instead.
+
+### Minor Analysis Improvements
+
+* More kinds of rack applications are now recognized.
+* Rack::Response instances are now recognized as potential responses from rack applications.
+* HTTP redirect responses from Rack applications are now recognized as a potential sink for open redirect alerts.
+* Additional sinks for `rb/unsafe-deserialization` have been added. This includes various methods from the `yaml` and `plist` gems, which deserialize YAML and Property List data, respectively.
--- a/ruby/ql/lib/codeql-pack.release.yml
+++ b/ruby/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.4
+lastReleaseVersion: 0.7.0
--- a/ruby/ql/lib/qlpack.yml
+++ b/ruby/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-all
-version: 0.7.0-dev
+version: 0.7.1-dev
 groups: ruby
 extractor: ruby
 dbscheme: ruby.dbscheme
--- a/ruby/ql/src/CHANGELOG.md
+++ b/ruby/ql/src/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 0.7.0
+
+### Minor Analysis Improvements
+
+* Fixed a bug in how `map_filter` calls are analyzed. Previously, such calls would
+  appear to the return the receiver of the call, but now the return value of the callback
+  is properly taken into account.
+
+### Bug Fixes
+
+* The experimental query "Arbitrary file write during zipfile/tarfile extraction" (`ruby/zipslip`) has been renamed to "Arbitrary file access during archive extraction ("Zip Slip")."
+
 ## 0.6.4

 No user-facing changes.
--- a/ruby/ql/src/change-notes/2023-06-12-map_filter.md
+++ b/ruby/ql/src/change-notes/2023-06-12-map_filter.md
@@ -1,6 +0,0 @@
---
-category: minorAnalysis
---
-* Fixed a bug in how `map_filter` calls are analyzed. Previously, such calls would
-  appear to the return the receiver of the call, but now the return value of the callback
-  is properly taken into account.
--- a/ruby/ql/src/change-notes/2023-06-16-zipslip-rename.md
+++ b/ruby/ql/src/change-notes/2023-06-16-zipslip-rename.md
@@ -1,4 +0,0 @@
---
-category: fix
---
-* The experimental query "Arbitrary file write during zipfile/tarfile extraction" (`ruby/zipslip`) has been renamed to "Arbitrary file access during archive extraction ("Zip Slip")."
--- a/ruby/ql/src/change-notes/released/0.7.0.md
+++ b/ruby/ql/src/change-notes/released/0.7.0.md
@@ -0,0 +1,11 @@
+## 0.7.0
+
+### Minor Analysis Improvements
+
+* Fixed a bug in how `map_filter` calls are analyzed. Previously, such calls would
+  appear to the return the receiver of the call, but now the return value of the callback
+  is properly taken into account.
+
+### Bug Fixes
+
+* The experimental query "Arbitrary file write during zipfile/tarfile extraction" (`ruby/zipslip`) has been renamed to "Arbitrary file access during archive extraction ("Zip Slip")."
--- a/ruby/ql/src/codeql-pack.release.yml
+++ b/ruby/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.6.4
+lastReleaseVersion: 0.7.0
--- a/ruby/ql/src/qlpack.yml
+++ b/ruby/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/ruby-queries
-version: 0.7.0-dev
+version: 0.7.1-dev
 groups: 
  - ruby
  - queries